When was SSL mutual authentication introduced to Big-IP?
Hey f5'ers, I have a question around SSL Mutual Authentication. Does anyone know when was mutual authentication introduced to LTM and which version of Big-IP in was introduced with please? We are experiencing some difficulty in establishing a mutually authenticated TLS1.2 session between another organisation's f5 LTM and our NGINX server. We can see their f5 LTM sending a client certificate/signer/root bundle when prompted but our NGINX server is then closing the connection with an ASN1 parsing issue. They are claiming that they have discovered that their version of Big-IP is unable to perform mutual authentication with TLS1.2, but given that we see their client certificate arriving at our NGINX server and WE are closing the connection, that doesn't make sense. I just wanted to clarify when exactly MA was introduced to Big-IP as I've been using it for 6 years now and I imagine it must have been there for ages? Thanks in advance, Peter
Unique identification of client in SSL Mutual auth
Hi, I have been using SSL Mutual Authentication via LTM. IN previous implementation A single client certificate was used to multiple clients, now I need to identify clinet uniquely by client Certificate via mutual auth. and have to make sure that single client certificate can not be reused by other client. What are the possibilities to achieve this via LTM or by any other BigIP module and how.?
